Fix: The Trusted Platform Module (TPM) was unable to unlock the drive

BitLocker is a Microsoft Windows component designed to encrypt entire hard drive volumes using the highly popular AES encryption algorithm. BitLocker is included with select versions of Windows Vista and beyond out of the box. In order to enable BitLocker and encrypt any given hard drive volume using it, all a Windows user needs to do is open their Start Menu, search for BitLocker, open it, click on Turn on BitLocker and follow the onscreen instructions. However, in order to be able to encrypt a hard drive volume using BitLocker, your computer needs to have a Trusted Platform Module (TPM) chip. BitLocker uses the TPM chip to run authentication checks on your computer’s hardware and software.

Also, in order to successfully encrypt a volume or your computer’s hard drive using BitLocker, you are going to need to enable your computer’s TPM chip (it is disabled by default). Doing so will require you to turn your computer off in the middle of enabling BitLocker and then manually turn it on again. However, sometimes, when a Windows user is instructed by the BitLocker wizard to turn off and then turn on their computer in order to turn on the TPM security hardware or when they run a BitLocker system check and their computer reboots, they receive the following error message:

“The Trusted Platform Module (TPM) was unable to unlock the drive. Either the system boot information changed after choosing BitLocker settings or the PIN did not match. If the problem persists after several tries, there may be a hardware or firmware problem.”

After this error message is displayed, BitLocker is not successfully enabled, and that’s where the actual problem lies. This can be quite aggravating for anyone who actually wants to encrypt one or more volumes of their hard drive using BitLocker, but fear not as this issue can be fixed fairly easily. In order to resolve this issue, you need to simply:

Press Windows Logo key + R to open a Run dialog. Type gpedit.msc into the Run dialog and press Enter.


In the Group Policy Editor, navigate to the following directory:

Computer Configuration \ Administrative Templates \ Windows Components \ BitLocker Drive Encryption \ Operating System Drives

Double-click on Require additional authentication at startup.

Set the Require additional authentication at startup policy to Enabled in the resulting window. Click on Apply. Click on OK.


Try enabling BitLocker again, and you should no longer see any error messages and BitLocker should be enabled successfully.
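To confirm what the policy change actually did, the script below reads the policy back and shows whether the system drive ends up bound to the TPM. It is an added example, not part of the original article; it assumes an elevated PowerShell session on a Windows edition that ships the BitLocker and TPM cmdlets, and the registry path and value names are the ones Windows uses to store this policy, not values taken from the article.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article): read back the startup-authentication
# policy, the TPM state and the OS volume's key protectors.
$fvePath = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'   # BitLocker policy values
$meaning = @{ 0 = 'Do not allow'; 1 = 'Require'; 2 = 'Allow' }

function Get-StartupAuthPolicy {
    $p = Get-ItemProperty -Path $fvePath -ErrorAction SilentlyContinue
    if (-not $p -or $p.UseAdvancedStartup -ne 1) {
        return 'Require additional authentication at startup: not enabled'
    }
    $lines = @('Require additional authentication at startup: Enabled')
    $lines += "  Allow BitLocker without a compatible TPM: $($p.EnableBDEWithNoTPM -eq 1)"
    foreach ($name in 'UseTPM', 'UseTPMPIN', 'UseTPMKey', 'UseTPMKeyPIN') {
        $v = $p.$name
        $text = if ($null -eq $v) { 'not set' } else { $meaning[[int]$v] }
        $lines += "  ${name}: $text"
    }
    $lines
}

function Test-TpmBound {
    # True when at least one key protector on the volume involves the TPM.
    param($Volume)
    [bool]($Volume.KeyProtector | Where-Object { "$($_.KeyProtectorType)" -like 'Tpm*' })
}

Get-StartupAuthPolicy

$tpm = Get-Tpm
"TPM present: $($tpm.TpmPresent), ready: $($tpm.TpmReady), enabled: $($tpm.TpmEnabled)"

$vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
"$($vol.MountPoint) status: $($vol.VolumeStatus), protection: $($vol.ProtectionStatus)"
"Key protectors: $($vol.KeyProtector.KeyProtectorType -join ', ')"

if ($vol.KeyProtector -and -not (Test-TpmBound $vol)) {
    Write-Warning 'OS volume has key protectors but none use the TPM.'
}
```

If the warning appears, the drive is encrypted but unlocks with a password or startup key only, so the TPM's boot-integrity checks are not part of the unlock path.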


Kevin Arrows

Kevin is a dynamic and self-motivated information technology professional, with a thorough knowledge of all facets pertaining to network infrastructure design, implementation and administration. Superior record of delivering simultaneous large-scale mission critical projects on time and under budget.